﻿using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System.ComponentModel.DataAnnotations;
using WhutDoomCheck.Server.Entities;
using WhutDoomCheck.Server.Services;
using WhutDoomCheck.Shared.HttpModels;

namespace WhutDoomCheck.Server.Controllers
{
    [Route("api/[controller]")]
    [ApiController]
    public class LoginController : ControllerBase
    {
        public LoginController(ApplicationDbContext dbContext, AccessTokenService accessTokenService)
        {
            this.dbContext = dbContext;
            this.accessTokenService = accessTokenService;
        }

        private readonly ApplicationDbContext dbContext;
        private readonly AccessTokenService accessTokenService;

        public record LoginModel([Required]string UserName, [Required]string Password);

        /// <summary>
        /// 学生登录
        /// </summary>
        /// <param name="request"></param>
        /// <returns></returns>
        [HttpPost("Student")]
        public IActionResult StudentLogin([FromBody] LoginModel request)
        {
            var studentQuery = from x in dbContext.Students where x.Sno == request.UserName
                               select new {x.Sno, x.Contact};
            
            if (!studentQuery.Any()) return Unauthorized();

            var student = studentQuery.Single();
            if (string.IsNullOrEmpty(student.Contact))
            {
                if (request.Password != "123456")
                    return Unauthorized();
            }
            else
            {
                if (request.Password != student.Contact)
                    return Unauthorized();
            }

            var accessToken = accessTokenService.CreateAccessTokenForStudent(student.Sno);

            return new JsonResult(new { accessToken });
        }

        /// <summary>
        /// 老师登录
        /// </summary>
        /// <param name="request"></param>
        /// <returns></returns>
        [HttpPost("Teacher")]
        public IActionResult TeacherLogin([FromBody] LoginModel request)
        {
            if (request.Password != "654321")
                return Unauthorized();

            var teacherQuery = from teacher in dbContext.Counsellors
                               where teacher.Id == request.UserName
                               select teacher.Id;

            if (!teacherQuery.Any()) return Unauthorized();

            var accessToken = accessTokenService.CreateAccessTokenForTeacher(teacherQuery.Single());

            return new JsonResult(new Token(accessToken));
        }

        /// <summary>
        /// 学校登录
        /// </summary>
        /// <param name="request"></param>
        /// <returns></returns>
        [HttpPost("School")]
        public IActionResult SchoolLogin([FromBody] LoginModel request)
        {
            if ((request.UserName != "whut") || (request.Password != "AawW7qAP2GuET1HBJuegED7TRAifrVY"))
                return Unauthorized();

            var accessToken = accessTokenService.CreateAccessTokenForSchool("whut");

            return new JsonResult(new Token(accessToken));
        }
    }
}
